[Possible] Database Connection String Detected

Description

One or more database connection strings were found. The connection strings may include attributes such as the name of the driver, server and database, as well as security information such as user name and password.

Remediation

Restrict access to these file(s) or restrict the disclosure of this connection string .

References

Database Connection String Detected | Invicti

Related Vulnerabilities

Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-12027)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.8)

WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Information Disclosure (1.9.25)

WordPress Plugin JupiterX Core Multiple Vulnerabilities (2.0.6)

WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N